Month: March 2016

New for Exchange 2016 only, is the option to download the updates as a single ISO file instead of a self-extracting package. Copying a single ISO over the network from one server to another is quicker and more efficient than copying the self-extracting package or the thousands of extracted files.

Updates of note this time around:

Updated OWA S/MIME Control certificate

New distribution package for Exchange 2016

Change to mailbox anchoring for remote PowerShell

17 new languages supported for OWA

Support for Standalone Hybrid Configuration Wizard in Exchange 2010

Microsoft is working on building in support for .Net 4.6.1 in the next quarter’s Cumulative Updates. So, avoid installing that version of .Net on ANY Exchange server for the time being.

For more info and download links for the updates, follow the links below:

Like my previous post on Exchange Mailbox Protocols, many companies limit the ability of some of their users (but not all of them) to use the audio/video functionality built into Skype for Business Online. Normally, this occurs in office environments that don’t have the internet bandwidth to support all that A/V traffic for a large number of users, so they limit that use to those who need it or executives, VIPs.

Unfortunately, it’s not possible to create a SIP profile that enables/disables the protocols for any user to which its assigned. Therefore, administrators must disable this functionality for each individual user. This is easily done for one or two users via the administrative console web page, but doing this in bulk requires PowerShell.

To help alleviate this, I’ve created a script that leverages security groups in Azure AD (and on-premises AD if they are synchronized via DirSync) as a way to indicate which users should be allowed the use of Audio/Video functionality in Skype for Business Online.

By default, the script will assume your group is named Office365-AllowSkypeAV, but you could use any group name you want and feed that to the script via a command-line parameter.

When run, the script will disable AudioVideo functionality for ANY user who is NOT a member of the above referenced groups.

This script also leverages my WriteTo-Log function so that a running log can be generated keeping track of each change made to each user for auditing purposes.

Finally, there are optional command-line parameters (-From, -To, -SMTPServer) that can be used to ensure the log is emailed to an address of your choice after completing.

Many companies limit the ability of some of their users (but not all of them) to leverage all of the default protocols enabled for accessing a mailbox in Office 365/Exchange Online while still allow them to connect with Outlook via MAPI.

Unfortunately, it’s not possible to create an OWA profile or a POP profile, for example, that enables/disables the protocols for any user to which its assigned. Therefore, administrators must disable these protocols for each individual user at the CASMailbox-level.

To help alleviate this, I’ve created a script that leverages security groups in Azure AD (and on-premises AD if they are synchronized via DirSync) as a way to indicate which users should be allowed the use of a certain protocol.

By default, the script will assume your groups are named as listed below, but you could use any group name you want and feed that to the script via a command-line parameter.

Office365-AllowActiveSync

Office365-AllowOWA-Device

Office365-AllowIMAP

Office365-AllowPOP

When run, the script will disable the protocols for ANY user who is NOT a member of the above referenced groups.

This script also leverages my WriteTo-Log function so that a running log can be generated keeping track of each change made to each user’s mailbox for auditing purposes.

Finally, there are optional command-line parameters (-From, -To, -SMTPServer) that can be used to ensure the log is emailed to an address of your choice after completing.